boot_copy_region uses boot_encrypt before boot_enc_init if a swap is continued

[Olstyle]

swap_run will reach down to boot_copy_region which always calls boot_encrypt for encrypted images, but the AES context is only initialized via boot_enc_load if a swap was NOT ongoing.
This effectively breaks swap continuation for encoded images if the used crypto library relies on initialization.
Which is the case for mbedtls_aes_init and will pretty much always be the case for HW based implementations.

The following screenshots show my HW implementation failing, but according to my review, mbedtls will fail at the same point!

[de-nordic]

What about loop doing the boot_enc_init here

mcuboot/boot/bootutil/src/loader.c

Lines 1625 to 1635 in 0674798

	if (bs->enckey[slot][i] != 0xff) {
	break;
	}
	}
	boot_enc_init(BOOT_CURR_ENC(state), slot);
	if (i != BOOT_ENC_KEY_SIZE) {
	boot_enc_set_key(BOOT_CURR_ENC(state), slot, bs);
	}
	}

[Olstyle]

What about loop doing the boot_enc_init here

mcuboot/boot/bootutil/src/loader.c

Lines 1625 to 1635 in 0674798

     if (bs->enckey[slot][i] != 0xff) { 
         break; 
     } 
 } 

 boot_enc_init(BOOT_CURR_ENC(state), slot); 

 if (i != BOOT_ENC_KEY_SIZE) { 
     boot_enc_set_key(BOOT_CURR_ENC(state), slot, bs); 
 } 

}

Your are right, this seems to be the fixed in main, but only recently
7e3a1ce
I am working on the latest release 2.1.0, which still had that issue. So actually you already fixed it but didn't make a bugfix release out of it.

[de-nordic]

Your are right, this seems to be the fixed in main, but only recently 7e3a1ce I am working on the latest release 2.1.0, which still had that issue. So actually you already fixed it but didn't make a bugfix release out of it.

True. My bad.

[de-nordic]

Can we close the issue?

[Olstyle]

Swap continuation with the favored crypto library (since tinycrypt is discontinued) is broken in the release version.
To me this sounds like a patch release would be reasonable.
At least that's what I would do in my project.
From the pure POV of main this issue it can be considered solved.

[github-actions]

This issue has been marked as stale because it has been open (more than) 60 days with no activity. Remove the stale label or add a comment saying that you would like to have the label removed otherwise this issue will automatically be closed in 14 days. Note, that you can always re-open a closed issue at any time.